<?php

define('SCR','my');

/* 本文件主要处理个人用户的自行管理 */
require_once('global.php');
require_once(R_P . 'require/init.php');

if (empty($login_name)) showAlert('请登录后再访问此页面', 'index.php');

if (!isset($_GET['action']))
{
	$my = $db->get_one("SELECT * FROM cms_user WHERE username='$login[username]'");
	if ($my['nbcid']) {
		showAlert('请到协同办公软件中进行您个人资料的管理');
	}
	require_once(D_P . 'data/cache/group.php');
	//print_r($group);exit;
}
elseif ($_GET['action'] == 'upload')
{
	$rs = $db->get_one("SELECT count(*) AS total FROM cms_contentindex WHERE publisher='$login[username]'");
	$total = $rs['total'];
	$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
	$pagesize = 15;
	$start = ($page - 1)*$pagesize;
	$pages = numofpage($total, $page, ceil($total/$pagesize), 'my.php?action=upload&');

	$myupload = $db->get_array("SELECT * FROM cms_contentindex WHERE publisher = '$login_name' ORDER BY postdate DESC LIMIT $start,$pagesize");
}
elseif ($_GET['action'] == 'fav')
{
	$rs = $db->get_one("SELECT count(*) AS total FROM cms_favor WHERE uid='$login[uid]'");
	$total = $rs['total'];
	$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
	$pagesize = 20;
	$start = ($page - 1)*$pagesize;
	$pages = numofpage($total, $page, ceil($total/$pagesize), 'my.php?action=fav&');
	$tids = $db->get_array("SELECT * FROM cms_favor WHERE uid='$login[uid]' LIMIT $start, $pagesize");

	$tidArr = array();
	foreach ($tids as $t)
	{
		$tidArr[] = intval($t['tid']);
	}
	if (!empty($tidArr))
	{
		$tids = implode(',', $tidArr);
		$myfav = $db->get_array("SELECT * FROM cms_contentindex WHERE tid IN($tids) ORDER BY postdate DESC");
	}
}
elseif ($_GET['action'] == 'addfav')
{
	$tid = intval($_GET['tid']);
	$uid = $login['uid'];
	$rs = $db->get_one("SELECT * FROM cms_favor WHERE tid='$tid' AND uid='$uid'");
	if (!empty($rs))
	{
		echo '0';
	}
	else {
		$db->query("INSERT INTO cms_favor SET tid='$tid',uid='$uid'");
		//echo "INSERT INTO cms_favor SET tid='$tid' AND uid='$uid'";//exit;
		echo '1';
	}
	exit;
}
elseif ($_GET['action'] == 'removefav')
{
	$tid = intval($_GET['tid']);
	$uid = $login['uid'];
	$rs = $db->get_one("SELECT * FROM cms_favor WHERE tid='$tid' AND uid='$uid'");
	if (empty($rs))
	{
		echo '0';
	}
	else
	{
		$db->query("DELETE FROM cms_favor WHERE tid='$tid' AND uid='$uid'");
		echo '1';
	}
	exit;
}
elseif ($_GET['action'] == 'edit')
{
	$new_password = trim($_POST['new_password']);
	$new_email = trim($_POST['new_email']);
	$new_password2 = trim($_POST['new_password2']);
	$realname = Char_cv($_POST['realname']);
	$idcard = Char_cv($_POST['idcard']);
	$telephone = Char_cv($_POST['telephone']);

	if(!empty($new_password))
	{

		if ($login['username'] == $GLOBALS['manager'])
		{
			showAlert('您是系统管理员，修改密码请到“系统管理”-“系统管理员”菜单中进行操作。');
		}
		if (strlen($new_password) < 5)
		{
			showAlert('您输入的密码长度太短，应该至少5个字符长度');
		}
		$new_password!=$new_password2 && showAlert('两次输入的密码不相符');
		$new_password = md5($new_password);
		$sqladd=",`password`='$new_password'";
		Cookie('login', ''); //清空COOKIE
		$needlogin = 1;
	}

	$db->update("UPDATE cms_user SET
			`email`='$new_email',
			`telephone`='$telephone',
			`idcard`='$idcard',
			`realname`='$realname'
			 $sqladd WHERE uid='$login[uid]'
			");
	if ($needlogin)
	{
		showAlert('成功编辑了您的个人信息，现在您需要重新登录系统。', 'index.php');
	}
	else 
	{
		showAlert('成功编辑了您的个人信息', 'my.php');
	}
}

start($very['charset']);
require Template();
footer();
?>